cargo-deny is a linting tool used to detect security vulnerabilities, incompatible licenses, and disallowed packages in the dependencies. We should include it in our CI so we can detect and fix these issues without requiring users to notify us of them (a few examples). We can also use this to ensure we don't accidentally bring in async-std in tokio mode or OpenSSL at all, for example.